Sign In

Communications of the ACM

ACM News

Microsoft: Hackers are Using Open Source Software, Fake Jobs in Phishing Attacks

View as: Print Mobile App Share:

A security team at Microsoft-owned LinkedIn said the same actors created fake profiles to impersonate recruiters from companies in the technology, defense, and media entertainment sectors.

Credit: Natee Meepian/Shutterstock

Microsoft is warning that hackers are using open source software and bogus social media accounts to dupe software engineers and IT support staff with fake job offers that in reality lead to malware attacks.

A phishing-happy hacking crew linked to North Korea's armed forces has been using trojanized open-source apps and LinkedIn recruitment bait to hit tech industry employees, according to threat analysts from Microsoft's advanced persistent threat (APT) research group.

The Microsoft Threat Intelligence Center (MSTIC, pronounced 'Mystic') has seen the group using PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer for these attack since late April, according to MSTIC's blogpost.

From ZDNet
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account